Access control to SAM / _samr_query_sec_obj
Kai Krueger
kai at kruegernetz.de
Thu Jun 6 15:44:02 GMT 2002
----- Original Message -----
From: "Andrew Bartlett" <abartlet at pcug.org.au>
Sent: Thursday, June 06, 2002 1:01 PM
> > As the SDs contained numerical constants as well, that part is included as well, so it is a patch
> > against a fresh samba HEAD cvs from 31.5.02
>
> Firstly, can you update for current CVS? (I suspect there will be
> conficts, I made some changes for better NTSTATUS returns recently).
Yup, I can try and update it to current CVS, as long as that doesn't change to often ;-)
I'll hopefully be able to do it soon. Should I send the next version of the patch via list again,
or are there concerns about too many "big" mails?
> Secondly, I have some further style nit-picks:
> - We can't use \\ as a comment in Samba, as many C compilers don't
> understand it.
That shouldn't be a problem to change.
> - Please use 8-space tabs. Samba mainly uses the 'linux' coding style
> - which you can
> set in emacs. Also make 'if(' -> 'if ('.
Neither should that. If I find any 'if(' that were there before, should I change them as well?
> On the patch itself, it looks pretty good. In the longer term, I plan
> to move the access contols into the passdb - they will take an extra
> paramater of 'access_granted'. This will allow us to have a consistant
> policy across all access methods (SAMR, RAP, etc) as well as removing
> the really weird way the passdb requires become_root() stuff atm.
Is that supposed to be a addition or a replacement to the checks done in this patch?
> Andrew Bartlett
>
> --
> Andrew Bartlett abartlet at pcug.org.au
> Manager, Authentication Subsystems, Samba Team abartlet at samba.org
> Student Network Administrator, Hawker College abartlet at hawkerc.net
> http://samba.org http://build.samba.org http://hawkerc.net
>
Kai
More information about the samba-technical
mailing list